From 663972c88d3ae3e3226fe6f95ca1113694ce0618 Mon Sep 17 00:00:00 2001 From: Alexander Barton Date: Fri, 5 Jan 2024 22:31:32 +0100 Subject: [PATCH] S2S-TLS/GnuTLS: Streamline logging --- src/ngircd/conn-ssl.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/src/ngircd/conn-ssl.c b/src/ngircd/conn-ssl.c index c418c986..7fb81839 100644 --- a/src/ngircd/conn-ssl.c +++ b/src/ngircd/conn-ssl.c @@ -869,8 +869,10 @@ ConnSSL_HandleError(CONNECTION * c, const int code, const char *fname) default: assert(code < 0); if (gnutls_error_is_fatal(code)) { - Log(LOG_ERR, "SSL error: %s [%s].", - gnutls_strerror(code), fname); + /* We don't need to log this here, the generic + * connection layer will take care of it. */ + LogDebug("SSL error: %s [%s].", + gnutls_strerror(code), fname); ConnSSL_Free(c); return -1; } @@ -914,12 +916,12 @@ LogGnuTLS_CertInfo(int level, gnutls_x509_crt_t cert, const char *msg) assert(size); issuer_dn = LogMalloc(size); if (!issuer_dn) { - Log(level, "%s: Distinguished Name: %s", msg, dn); + Log(level, "%s: Distinguished Name \"%s\".", msg, dn); free(dn); return; } gnutls_x509_crt_get_issuer_dn(cert, issuer_dn, &size); - Log(level, "%s: Distinguished Name: \"%s\", Issuer \"%s\"", msg, dn, + Log(level, "%s: Distinguished Name \"%s\", Issuer \"%s\".", msg, dn, issuer_dn); free(dn); free(issuer_dn); @@ -979,7 +981,7 @@ ConnSSL_LogCertInfo( CONNECTION * c, bool connect) * hand we want client certificates, for example for * "CertFP" authentication with services ... */ LogOpenSSL_CertInfo(LOG_INFO, peer_cert, - "Got unchecked client certificate"); + "Got unchecked peer certificate"); } X509_free(peer_cert); -- 2.39.2